Unable to modify some settings ("SSH Login" or "Bash Shell") in VAMI (vCenter Appliance Management Interface) by a newly created SSO account (not built-in account such as [email protected]) . 

Error is thrown such as "Unable to authorize user". 

vCenter Server Appliance

VAMI (backed by appliance management) authorization module has an own authentication based on local account (such as 'root' for example) and privileges so it is not straightforward to map SSO group to local VAMI privileges.

But 'SystemConfiguration.BashShellAdministrators' SSO group has a complete privileges to access local config in a VCSA through VAMI.

Add the newly created SSO account into the built-in SSO group "SystemConfiguration.BashShellAdministrators".

The SystemConfiguration.BashShellAdministrators group has the appropriate privileges to access and modify the appliance configuration (but not for vCenter-managed objects).